Shulou(Shulou.com)06/01 Report--

2019 has become history.

In 2020, 5G landed, the industry ushered in new opportunities.

This year, more enterprises choose to go to the cloud.

The implementation Guide issued by the Ministry of Industry and Information Technology requires that by 2020, there will be 1 million new enterprises in Shangyun, forming a typical benchmark.

Use more than 100 cases to form a number of influential and dynamic cloud platforms and enterprise cloud experience centers.

It is undeniable that Shangyun has become a standard for enterprises.

But have you noticed that with the increase of cloud in enterprises, the problem of network security is highlighted, and more and more enterprises suffer from the network.

Resulting in serious consequences and huge losses.

As far as the world is concerned, the problem of network security this year is not optimistic.

In January, the government sabotaged and stole data from the South Korean Defense Ministry: the Seoul government said it destroyed 30 computers and

Stole data from 10 computers. The computers stored data on arms and ammunition purchases.

In February, major WinRAR errors were exposed: CheckPoint researchers found a WinRAR error, the error

Affects all WinRAR versions released since 2000. More than half a billion WinRAR users are at risk.

These loopholes were eventually widely used by cyber criminals and the state.

In March, the Asustek supply chain incident: * hijacked the Asustek LiveUpdate utility so that on the user's system

Deploy malware. * it occurred in 2018 but was disclosed in March this year. It is believed to have affected more than one

Millions of PC.

In April, Facebook admitted to storing the plaintext passwords of millions of Instagram users: a month before the incident

Facebook also admitted that it stored the plaintext password for the Facebook account.

In May, Google replaced the questionable Titan security key: a flaw in the Bluetooth pairing protocol forced Google to replace

Titan keys sold in the United States. Microsoft was later forced to release a special fix to fix the problem.

In June, researchers at 10 telecom providers: Cybereason said a state-backed intelligence

Institutions have sabotaged at least 10 global telecom companies: to some extent, * * people run "de facto shadow IT"

The department ".

In July, banks in Bangladesh, India, Sri Lanka and Kyrgyzstan were hacked by "Silence".

Customers stole millions of dollars in the process.

In August, the biometric database used by the Metropolitan Police, banks and corporate companies leaked millions of records.

In September, an insecure AWS database of South Korean industrial manufacturer DK-LOK revealed secrets between the company and its customers.

E-mail and communications.

In October, more than 20 million tax records of Russian citizens were stored in an online accessible database.

The time span ranges from 2009 to 2016.

In November, about 100 Facebook developers were given access to profile data they shouldn't have.

In December, data from about 21 million MixCuy users were sold on the dark web.

The problem of international network security is worrying, and it is not optimistic at home.

In 2019, the number of Internet in China shows an overall upward trend, the situation of websites is still grim, and the number of website vulnerabilities in the education industry.

The quantity found is the most.

CNCERT has newly captured about 32 million samples of computer malicious programs, and the peak value in China has exceeded that of 10Gbps.

The average number of DDoS*** events is about 4300 per month, an increase of 18% over the same period last year.

With the increasingly severe network security situation, enterprises and websites must pay attention to it and raise their vigilance.

Based on the protection experience of the Blue team Cloud Security team, the main target of * is machines with general security vulnerabilities, so

The main means to prevent the virus is to find and repair loopholes and lay out the security defense system. It is recommended that users do the following protection measures.

Shi:

1. Put an end to the use of weak passwords and avoid multi-purpose

Users related to the system and application should not use weak passwords, at the same time, they should use highly complex passwords, including the size as much as possible.

Write mixed passwords such as letters, numbers, special symbols, etc., and try to avoid multi-purpose situations.

two。 Update important patches and upgrade components in a timely manner

It is recommended that you pay attention to major updates to the operating system and components and use the correct channels to update the corresponding patch vulnerabilities or upgrade components.

3. Deploy hardening software and close non-essential ports

Security hardening software is deployed on the server, by restricting abnormal login behavior, enabling anti-blasting function, and preventing vulnerability exploitation, the same as

The range of networks and hosts that can be accessed by time-limited servers and other business service networks, and effectively strengthen the access control ACL policy

Refine the policy granularity, strictly restrict the access of each network area and between servers by region, and adopt white name stand-alone machine.

The system only allows the opening of specific business necessary ports to improve the system security baseline and prevent.

4. Take the initiative to conduct safety assessment to strengthen personnel safety awareness

Strengthen the cultivation of personnel safety awareness, do not click on email attachments from unknown sources, and do not download software from unknown websites.

Files with unknown sources, including email attachments, uploaded files, etc., should be disinfected first. Regular development of the system, application and network layer

Face security assessment, * testing and code audit work, take the initiative to find the security risks of current systems and applications.

5. Establish a network security defense system to effectively protect against viruses

The tactics and strategies adopted by cyber criminals are also evolving, and their methods and technologies are more diversified. For effective prevention

And against massive threats, we need to choose a stronger and smarter protection system. Blue team cloud gathers hardware strength and network security regiment

Team, to establish a comprehensive security protection system of pre-detection and early warning, in-process defense, and post-treatment. Continuous trend wind in the cloud

Risk monitoring and early warning, network side real-time traffic detection and defense, terminal killing and tracing after the event, starting from the user scene, solve the problem

System vulnerability and ensure the efficiency of event response.

Blue team Cloud has laid out DDoS defense services and other guarantees for issues such as data security and reliability, network defense, and website tampering protection.

Evaluation and rectification, Web application firewall (WAF), high defense CDN, Yunbao bastion machine, SSL certificate, * test, security assessment

Evaluate the network security defense system composed of services, cloud firewalls, threat awareness and other products to enhance the security defense capability of the network system.

To provide better network security services for Yunnan provincial government and business enterprises to ensure their network security and efficient operation.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.